Automate your IT Security Services

Transcription

1 Automate your IT Security Services Presenter: Cyberoam Our Products Network Security Appliances - UTM, NGFW (Hardware & Virtual) Copyright 2014 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. Modem Router Integrated Security appliance

2 It starts with debunking myths Nothing can get past a firewall We are compliant, hence we are secure!

3 Google Digital Attack Map Growing Cyber Attacks Rising number of cyber threats against advanced nations such as the US. What happened to all state-of-the-art firewalls?

4 Inside the mind of today s cyber criminal 1. Indulge in multi-step, elaborate targeted attacks 2. Motivation goes beyond money, involves hacktivism, nation-state espionage, business rivalry, fame etc 3. Run deep investigation for potential vulnerabilities from firewalls to unpatched servers to poorly guarded web apps to vulnerable users in the target organization

5 Cyber-infrastructure Visualized Why is Security everywhere in this slide?

6 Anatomy of a typical targeted attack

7 Automating IT Security: From Plugging Security Holes to Driving Proactive Defense

8 What necessitates automating IT security? Common security concerns How to auto-provision uniform security policies for HQ, Data Center and Remote Branch offices Inability to assess vulnerability exposure of network due to web apps, risky users etc Lack of understanding on network intrusion attacks, network segmentation Struggle with IPS security configuration Don t know what to allow or deny?

9 Here s how automated IT security saves the day!

10 How Cyberoam helps automate IT security?

11 We know how IT and IT consumerization has changed

12 We know how network and data centers environments have evolved

13 Cyberoam addressing key challenges Complexity Centrally manage complicated network security policies for hundreds of users, applications and networking devices Evolving business Enable support and security for new business applications while monitoring controlling risk prone apps Connectivity with productivity High-availability, automatic fail-over for business continuity; intelligent QoS management and prioritization for users and apps Reporting and compliance Providing ready and in-depth support for displaying compliance and reports on user and network activities

14 Currently available security automation with Cyberoam - Identifying users instead of just IP address - Scheduled reports over - scanning and shifting to quarantine - Identifying risky users - Compliance - HA, Failover, Load balancing - Burstable bandwidth - Centralized Security Management - ConnectWise integration - Cyberoam API - Pro-active security protection in IPS

15 Cyberoam addresses a commonplace catch 22 faced by today's CXOs

16 Centralized Security Management for remote / branch offices

17 Centralized Security Management CCC is for centralized, integrated management and monitoring of Cyberoam network security devices - Complete control over distributed networks / remote branch offices from head office (H.O.) New York Branch Office Mumbai Branch Office Cyberoam Cyberoam Boston Branch Office Cyberoam Dubai Head Office Cyberoam Cyberoam Central Console (CCC)

18 Automated Logging and Reporting Ability to log and report activities from various users, devices / vendors Security Management Log Management Forensic Analysis Compliance Management Identity Logging Reporting Servers Desktop systems Logs & Events Firewalls Applications IDP / IPS Switches Routers UTM / NGFW Cyberoam iview s Logging & Reporting Facilitates Security, Compliance, Forensics

19 Real time visibility into user and network activities Traffic Discovery - Real-time visibility into bandwidth utilization by user, protocol, application Security Management Forensic Analysis Data Protection Compliance Management

20 Application Security with Layer 7 and Layer 8 controls Internet Cyberoam Appliance Application Traffic Visibility Control Manage Bandwidth Business Critical Socio business Non Critical Infected Applications Blocked worms Spyware Undesirable Logs & Reports Controls over applications based on User Identity, Time, Application and Bandwidth

21 Automated Threat Protection Intrusion Prevention System - Layer 8 and IPS Tuner driven - Identity-based IPS policies per user, group and IP address - Allows multiple IPS policies - Identity-based alerts & reports signatures broadest security cover Gateway Anti-Virus, Anti- spyware - Bi-directional scanning: Web & - Self-service Virus Quarantine - Scans HTTP, FTP, SMTP, POP3, HTTPS, IMAP and IM traffic - Instant visibility into Attacker/Victim Cyberoam Security Center Anti-Spam (Inbound/Outbound) DoS & DDoS Protection - Three level scanning: - Packet Rate Limit IP Reputation filtering - Protection against flood attacks Real-time Blackhole List (RBL) Continuously updated - SYN via Flood Recurrent Pattern Detection (RPD TM ) technology - TCP Flood - ~99% spam detection Cyberoam Security Center - UDP Flood - Self-service Quarantine and Spam Digest - ICMP Flood - Scans SMTP, POP3, IMAP traffic - IPS Signature to prevent attacks - Virus outbreak detection for zero-hour protection - Protocol Anomaly

22 Proactive Protection model Eliminates the need for manual intervention by administrators to update policies for new applications added to the list Select P2P Applications Set Action Block all future P2P applications without adding applications manually

23 Plug and Play IPS Ready to use IPS Policy templates Many SOHO/SMBs struggle with IPS How many IT managers know What to allow or deny? Which IPS policy applies? Ready to use IPS Policy templates with Firewall Rule style naming convention

24 Customizable security for Enterprise IT Pros Category Severity Platform Target Apache HTTP Server Application & Software Browsers Database Management Sys. DNS ERP System Critical (1) Major (2) Moderate (3) Minor (4) Warning (5) Windows Linux Unix Mac Client Server Exchange Mail Server FTP Industrial Control System Solaris BSD Malware Communication Microsoft IIS web server Other Misc Multimedia Office tools OS & Services Other Mail Server Reconnaissance VoIP & Instant Messaging Web Services & Applications And more

25 Ready integration with Two-factor authentication platforms

26 Integration with leading SIEM platforms Cyberoam can be integrated with the following SIEM Solutions: 1: RSA Envision 2: ArcSight 3: Cyberoam i-view Syslog to integrate with all the above SIEM solutions

27 Integration with leading MSSP business automation tools Simplified management and better delivery of security services Automatic Ticket Generation & Resolution for all CCC alerts right at ConnectWise dashboard level Threat counts Web & IPS threats Mail threats Total Virus & Spam Mail counts Unhealthy surfing hits Capacity utilization notifications Capacity utilization UTM, notifications NGFW for CPU, Disk & Memory appliances usage Reminders for Security Subscriptions renewal / expiry Other key appliance status information Appliance management and status change notifications for Appliance Connectivity with CCC Internet Link VPN connection HA Failover State

28 Cyberoam API - Enables Seamless Authentication User Authentication API for Hotspots Re-use Hotspot Authentication; avoid multiple logins Seamless Single Sign-on for Enterprises If you have an authentication, Cyberoam can fit in PMS

29 Enables balancing what matters Business agility with security responsiveness Automation for threat protection, business continuity Ease of integration with third-party systems and MSSP tools Centralizes Security Management Automated logging and reporting

30 Thank you Contact: Link: Credentials: guest /guest Get a 30 day FREE Evaluation of Cyberoam Virtual appliance